6. Malware on website
• Virus
– Independent executable files with malicious code
• Trojan Horse
– Kind of virus hidden inside another software
• Worm
– Malware that replicates over a network
7. Malware
• When installing a theme or plug-in on website
– Be sure to scan for malware infection before
uploading
– Special care to be taken with free theme and plug-
in
• Do not keep uninstalled themes and plug-in
on website
– Could be infected by a worm or Trojan Horse
– Increases the size of website in terms of KBs
8. Kinds of Infection
• Defamation
– Company or website owner is defamed on their own
website
• Ransom-ware
– Entire content of website is encrypted and a ransom is
asked in lieu of decryption key
• Adware
– Software or app is installed through an infected
theme, plug-in or coding script to run advertisements
on website maliciously.
9. Kinds of Infection
• SQL Injection
– SQL vulnerabilities are exploited to access data
stored in database
• XSS Cross Site Scripting
– Malicious scripting code is run through the
website at the user end to get access to sensitive
and private user data.
– Website itself is not infected with the script.
10. Malicious Users
• Users can write comments and feedback for
the website or articles on website
• Through comments, a malware can be
installed on the website.
• Thus, website owners need to track comments
and approve after checking.
11. Password Breaking
• Hackers try to guess username and password
for admin/user account
• Limit the number of login attempts allowed
• Enable 2 step authentication
12. Security Layer
• Add an extra layer of security by enabling
– Security Plug-ins
– CDN (content delivery network)
• Assure activation of
– Firewall
– Malware detection
– XSS – cross site scripting detection